![](/screenshots/05607f9b-6fbc-4f09-8a4a-d54aa325cf0a.png)
onlinebanking.bancogalicia.com.ar
161.190.1.97
Malicious Activity!
Public Scan
Effective URL: https://onlinebanking.bancogalicia.com.ar/login
Submission: On November 05 via automatic, source phishtank — Scanned from DE
Summary
TLS certificate: Issued by DigiCert SHA2 Extended Validation Server CA on September 27th 2022. Valid for: a year.
This is the only time onlinebanking.bancogalicia.com.ar was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Banco Galicia (Banking)
Domain & IP information
Requests | IP Address | AS (Autonomous System)
---|---|---
4 | 185.46.120.131 | 62134 (IHNET-EU)
16 | 161.190.1.97 | 13474 (Banco de Galicia y Buenos Aires)
4 | 2a02:26f0:3500:587::1e80 | 20940 (AKAMAI-ASN1)
2 | 2a06:98c1:3120::3 | 13335 (CLOUDFLARENET)
1 | 2600:9000:21f3:fc00:10:fcf8:9540:93a1 |
1 | 107.23.44.14 |
3 | 2a00:1450:4001:828::2008 |
1 | 2a00:1450:4001:810::200e |
1 | 216.58.212.130 |
46 | 10 IP addresses |
- ASN62134 (IHNET-EU, US), PTR: uniform.unisonplatform.com: elting-nn.com
- ASN13474 (Banco de Galicia y Buenos Aires, AR), PTR: onlinebanking.bancogalicia.com.ar: onlinebanking.bancogalicia.com.ar
- ASN20940 (AKAMAI-ASN1, NL): assets.adobedtm.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
16 | bancogalicia.com.ar | onlinebanking.bancogalicia.com.ar, sifo.bancogalicia.com.ar (Failed) | 630 KB
4 | adobedtm.com | assets.adobedtm.com (Cisco Umbrella Rank: 467) | 88 KB
4 | elting-nn.com | elting-nn.com | 1 KB
3 | googletagmanager.com | www.googletagmanager.com | 271 KB
2 | bgsensors.co | gal.bgsensors.co | 2 KB
1 | googleadservices.com | www.googleadservices.com |
1 | google-analytics.com | www.google-analytics.com | 20 KB
1 | easysol.net | detectca.easysol.net |
1 | we-stats.com | bcdn-god.we-stats.com | 113 KB
0 | google.com.bd (Failed) | www.google.com.bd (Failed) |
0 | google.com (Failed) | analytics.google.com (Failed) |
0 | doubleclick.net (Failed) | stats.g.doubleclick.net (Failed) |
0 | hotjar.com (Failed) | static.hotjar.com (Failed) |
0 | prismasystems.com.ar (Failed) | logo.prismasystems.com.ar (Failed) |
0 | demdex.net (Failed) | dpm.demdex.net (Failed) |
46 | 15 apex domains | |
Requests | Domain | Requested by
---|---|---
16 | onlinebanking.bancogalicia.com.ar | onlinebanking.bancogalicia.com.ar, www.googletagmanager.com
4 | assets.adobedtm.com | onlinebanking.bancogalicia.com.ar, assets.adobedtm.com
4 | elting-nn.com | elting-nn.com
3 | www.googletagmanager.com | onlinebanking.bancogalicia.com.ar, www.googletagmanager.com
2 | gal.bgsensors.co | onlinebanking.bancogalicia.com.ar, gal.bgsensors.co
1 | www.googleadservices.com | www.googletagmanager.com
1 | www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com
1 | detectca.easysol.net | onlinebanking.bancogalicia.com.ar
1 | bcdn-god.we-stats.com | onlinebanking.bancogalicia.com.ar
0 | www.google.com.bd (Failed) | onlinebanking.bancogalicia.com.ar
0 | analytics.google.com (Failed) | www.googletagmanager.com
0 | stats.g.doubleclick.net (Failed) | www.google-analytics.com, www.googletagmanager.com
0 | static.hotjar.com (Failed) | www.googletagmanager.com
0 | logo.prismasystems.com.ar (Failed) | onlinebanking.bancogalicia.com.ar
0 | dpm.demdex.net (Failed) | assets.adobedtm.com
0 | sifo.bancogalicia.com.ar (Failed) | onlinebanking.bancogalicia.com.ar
46 | 16 domains |
This site contains no links.
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
webdisk.elting-nn.com | R3 | 2022-11-05 - 2023-02-03 | 3 months | crt.sh
onlinebanking.bancogalicia.com.ar | DigiCert SHA2 Extended Validation Server CA | 2022-09-27 - 2023-09-27 | a year | crt.sh
assets.adobedtm.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-07-19 - 2023-08-19 | a year | crt.sh
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-11-05 - 2023-11-05 | a year | crt.sh
*.we-stats.com | GeoTrust Global TLS RSA4096 SHA256 2022 CA1 | 2022-09-13 - 2023-09-29 | a year | crt.sh
*.easysol.net | DigiCert TLS RSA SHA256 2020 CA1 | 2022-08-17 - 2023-09-10 | a year | crt.sh
*.google-analytics.com | GTS CA 1C3 | 2022-10-17 - 2023-01-09 | 3 months | crt.sh
www.googleadservices.com | GTS CA 1C3 | 2022-10-17 - 2023-01-09 | 3 months | crt.sh
This page contains 2 frames:
Primary Page:
https://onlinebanking.bancogalicia.com.ar/login
Frame ID: FF49D9BF4D68DF447901C161A1868879
Requests: 45 HTTP requests in this frame
Frame:
https://logo.prismasystems.com.ar/galicia/logogalicia.html
Frame ID: C31FF9A1906B4030D972B461474DC94B
Requests: 1 HTTP request in this frame
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://elting-nn.com/wp-admin/includes/ggaaalisocios/login4.php (Page URL)
- https://onlinebanking.bancogalicia.com.ar/login (Page URL)
Detected technologies
Font Awesome (detected patterns):
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics (detected patterns):
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (detected patterns):
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
jQuery (detected patterns):
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
46 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H/1.1 | login4.php | elting-nn.com/wp-admin/includes/ggaaalisocios/ | 969 B | 1 KB | Document | text/html
GET | H/1.1 | jquery-3.5.1.min.js | elting-nn.com/wp-admin/includes/ggaaalisocios/calabasas/js/ | 0 | 0 | Script | text/html
GET | H/1.1 | jquery.cookie.js | elting-nn.com/wp-admin/includes/ggaaalisocios/calabasas/js/ | 0 | 0 | Script | text/html
GET | H/1.1 | style.css | elting-nn.com/wp-admin/includes/ggaaalisocios/ | 0 | 0 | Stylesheet | text/html
GET | H/1.1 | login (Primary Request) | onlinebanking.bancogalicia.com.ar/ | 67 KB | 69 KB | Document | text/html
GET | H/1.1 | bootstrap.min.css | onlinebanking.bancogalicia.com.ar/Content/ | 121 KB | 20 KB | Stylesheet | text/css
GET | H/1.1 | default.min.css | onlinebanking.bancogalicia.com.ar/Content/ | 1 MB | 136 KB | Stylesheet | text/css
GET | H/1.1 | keyboard.css | onlinebanking.bancogalicia.com.ar/Content/Keyboard/ | 492 B | 857 B | Stylesheet | text/css
GET | H/1.1 | simple-keyboard.css | onlinebanking.bancogalicia.com.ar/Content/Keyboard/ | 3 KB | 1 KB | Stylesheet | text/css
GET | H/1.1 | sharedout | onlinebanking.bancogalicia.com.ar/bundles/ | 378 KB | 378 KB | Script | text/javascript
GET | H/1.1 | FrontFunctions.min.js | onlinebanking.bancogalicia.com.ar/Scripts/ | 28 KB | 8 KB | Script | application/javascript
GET | H/1.1 | customcarousel.min.css | onlinebanking.bancogalicia.com.ar/Content/ | 2 KB | 2 KB | Stylesheet | text/css
GET | H/1.1 | seguloginborders | onlinebanking.bancogalicia.com.ar/bundles/ | 651 B | 1 KB | Script | text/javascript
GET | H/1.1 | seguloginclientless | onlinebanking.bancogalicia.com.ar/bundles/ | 436 B | 1 KB | Script | text/javascript
GET | H2 | launch-121f57795303.min.js | assets.adobedtm.com/87fc8b53a8b1/118d2b304f55/ | 269 KB | 87 KB | Script | application/x-javascript
GET | H2 | / | gal.bgsensors.co/api/bgsensor/ccfac30f-772d-4a29-a82d-798db50348bb/f1192f0f-5749-4cea-8568-14c0bae9b5f0/ | 959 B | 1 KB | Script | text/html
GET | H/1.1 | simple-keyboard.min.js | onlinebanking.bancogalicia.com.ar/Scripts/Keyboard/ | 20 KB | 6 KB | Script | application/javascript
GET | H/1.1 | polyfill.js | onlinebanking.bancogalicia.com.ar/Scripts/Keyboard/ | 2 KB | 2 KB | Script | application/javascript
GET | H/1.1 | keyboard.js | onlinebanking.bancogalicia.com.ar/Scripts/Keyboard/ | 6 KB | 2 KB | Script | application/javascript
GET | H2 | ad1a29c5.js | bcdn-god.we-stats.com/scripts/ad1a29c5/ | 606 KB | 113 KB | Script | application/javascript
GET | H/1.1 | detect.js | detectca.easysol.net/detectca/scripts/QjL8pgjJN3mpOxVuG7JxpI2OYsRMit/ | 2 KB | 0 | Script | application/javascript
GET | | login.js | sifo.bancogalicia.com.ar/requestserver/script/v1/al02ch/ | 0 | 0 | (no response) |
GET | H2 | gtm.js | www.googletagmanager.com/ | 518 KB | 130 KB | Script | application/javascript
GET | H/1.1 | logo.svg | onlinebanking.bancogalicia.com.ar/images/default/ | 5 KB | 2 KB | Image | image/svg+xml
GET | | Inter-Regular.woff2 | onlinebanking.bancogalicia.com.ar/Content/fonts/ | 0 | 0 | (no response) |
GET | H/1.1 | fontawesome-webfont.woff2 | onlinebanking.bancogalicia.com.ar/Content/fonts/ | 48 KB | 0 | Font | application/font-woff2
GET | | id | dpm.demdex.net/ | 0 | 0 | (no response) |
GET | | logogalicia.html | logo.prismasystems.com.ar/galicia/ (Frame C31F) | 0 | 0 | (no response) |
GET | H/1.1 | 99-Aut%C3%B3ctono-Guillermo-Bas%C3%ADlico.jpg | onlinebanking.bancogalicia.com.ar/images/art/ | 16 KB | 0 | Image | image/jpeg
GET | H3 | / | gal.bgsensors.co/api/bgsensor/ | 0 | 507 B | XHR | text/html
GET | H2 | RCdaab08cc60054c0792261cd68df7093d-source.min.js | assets.adobedtm.com/87fc8b53a8b1/118d2b304f55/0eefbda3e34d/ | 1011 B | 819 B | Script | application/x-javascript
GET | H2 | RCb6b7a0186b314377a037698b9f52ded3-source.min.js | assets.adobedtm.com/87fc8b53a8b1/118d2b304f55/0eefbda3e34d/ | 580 B | 633 B | Script | application/x-javascript
GET | BLOB | d07bb4c4-2223-401e-afa9-a9af70590404 | https://onlinebanking.bancogalicia.com.ar/ | 165 KB | 0 | Other | text/plain
GET | | eluminate.js | onlinebanking.bancogalicia.com.ar/Scripts/ | 0 | 0 | (no response) |
GET | H2 | analytics.js | www.google-analytics.com/ | 49 KB | 20 KB | Script | text/javascript
GET | H2 | conversion.js | www.googleadservices.com/pagead/ | 45 KB | 0 | Script | text/javascript
GET | H3 | js | www.googletagmanager.com/gtag/ | 182 KB | 67 KB | Script | application/javascript
GET | H3 | js | www.googletagmanager.com/gtag/ | 217 KB | 75 KB | Script | application/javascript
GET | | hotjar-584153.js | static.hotjar.com/c/ | 0 | 0 | (no response) |
GET | H2 | RC5c1c678908cf41fcb18598f579d75f18-source.min.js | assets.adobedtm.com/87fc8b53a8b1/118d2b304f55/0eefbda3e34d/ | 350 B | 496 B | Script | application/x-javascript
POST | | collect | www.google-analytics.com/ | 0 | 0 | (no response) |
POST | | collect | stats.g.doubleclick.net/j/ | 0 | 0 | (no response) |
POST | | collect | analytics.google.com/g/ | 0 | 0 | (no response) |
POST | | collect | stats.g.doubleclick.net/g/ | 0 | 0 | (no response) |
GET | | ga-audiences | www.google.com.bd/ads/ | 0 | 0 | (no response) |
POST | | collect | www.google-analytics.com/g/ | 0 | 0 | (no response) |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
Domain | URL
---|---
sifo.bancogalicia.com.ar | https://sifo.bancogalicia.com.ar/requestserver/script/v1/al02ch/login.js?clientId=4f610b72-bc0d-4cb6-9bca-9142006dfa61
onlinebanking.bancogalicia.com.ar | https://onlinebanking.bancogalicia.com.ar/Content/fonts/Inter-Regular.woff2
dpm.demdex.net | https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=DF3360B65E15FFB70A495C4A%40AdobeOrg&d_nsid=0&ts=1667690429532
logo.prismasystems.com.ar | https://logo.prismasystems.com.ar/galicia/logogalicia.html
onlinebanking.bancogalicia.com.ar | https://onlinebanking.bancogalicia.com.ar/Scripts/eluminate.js
static.hotjar.com | https://static.hotjar.com/c/hotjar-584153.js?sv=7
www.google-analytics.com | https://www.google-analytics.com/collect
stats.g.doubleclick.net | https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-62726172-14&cid=1129399720.1667690430&jid=1595398193&gjid=1797681814&_gid=917020926.1667690430&_u=YGBAiEABBAAAAEAAI~&z=796395318
analytics.google.com | https://analytics.google.com/g/collect?v=2&tid=G-NK1ZTDWVWL&gtm=2oeb20&_p=2138108948&_gaz=1&cid=1129399720.1667690430&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dt=Online%20Banking&dl=https%3A%2F%2Fonlinebanking.bancogalicia.com.ar%2Flogin&sid=1667690429&sct=1&seg=0&dr=https%3A%2F%2Felting-nn.com%2F&en=page_view&_fv=1&_ss=2&ep.page_path=%2Flogin
stats.g.doubleclick.net | https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NK1ZTDWVWL&cid=1129399720.1667690430&gtm=2oeb20&aip=1
www.google.com.bd | https://www.google.com.bd/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NK1ZTDWVWL&cid=1129399720.1667690430&gtm=2oeb20&aip=1&z=606511468
www.google-analytics.com | https://www.google-analytics.com/g/collect?v=2&tid=G-R462ZWFJX5&gtm=2oeb20&_p=2138108948&cid=1129399720.1667690430&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1667690429&sct=1&seg=0&dl=https%3A%2F%2Fonlinebanking.bancogalicia.com.ar%2Flogin&dr=https%3A%2F%2Felting-nn.com%2F&dt=Online%20Banking&en=page_view&_fv=2&_ss=1
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Banco Galicia (Banking)
9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
object | onbeforeinput
object | oncontextlost
object | oncontextrestored
function | structuredClone
object | launchQueue
object | onbeforematch
function | getScreenDetails
function | queryLocalFonts
object | navigation
8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
onlinebanking.bancogalicia.com.ar/ | | ASP.NET_SessionId | ariuimz3cbunyswxcx0trtcd
onlinebanking.bancogalicia.com.ar/ | | SameSite | None
.bancogalicia.com.ar/ | | Luke | 97a82892-1f30-4fbf-96c0-cf48cc041d70
.bancogalicia.com.ar/ | | R2D2 | https://bcdn-god.we-stats.com/scripts/ad1a29c5/ad1a29c5.js
onlinebanking.bancogalicia.com.ar/ | | __RequestVerificationToken | atQ6QCZqZAhW-KtEEryOKTt4mXzZ2bPu9Bmixuxjhf-5-XeFqECAW83FPl6HqN_LIjHHQ3Vqr5wP5p-pZuf3Rl88iDAvgHOxQhFtxugLNNw1
onlinebanking.bancogalicia.com.ar/ | | TS010dd3b2 | 01f07bd103862e71f03329215388a786cf9290627c7171e59040bfeb810e516133974ef4adaf71b548cb1644963145760e5312e67a
.bancogalicia.com.ar/ | | TS017bfb32 | 01f07bd103862e71f03329215388a786cf9290627c7171e59040bfeb810e516133974ef4adaf71b548cb1644963145760e5312e67a
onlinebanking.bancogalicia.com.ar/ | | ADRUM_BTa | R:47\|g:5b0d4bc0-4ea2-4f55-b1b4-7f0b00691e6a\|n:customer1_ab160084-0402-4ee6-8708-8af776cf193a
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text
---|---|---|---
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
Domains:
- analytics.google.com
- assets.adobedtm.com
- bcdn-god.we-stats.com
- detectca.easysol.net
- dpm.demdex.net
- elting-nn.com
- gal.bgsensors.co
- logo.prismasystems.com.ar
- onlinebanking.bancogalicia.com.ar
- sifo.bancogalicia.com.ar
- static.hotjar.com
- stats.g.doubleclick.net
- www.google-analytics.com
- www.google.com.bd
- www.googleadservices.com
- www.googletagmanager.com
Domains with failed requests:
- analytics.google.com
- dpm.demdex.net
- logo.prismasystems.com.ar
- onlinebanking.bancogalicia.com.ar
- sifo.bancogalicia.com.ar
- static.hotjar.com
- stats.g.doubleclick.net
- www.google-analytics.com
- www.google.com.bd
IP addresses:
- 107.23.44.14
- 161.190.1.97
- 185.46.120.131
- 216.58.212.130
- 2600:9000:21f3:fc00:10:fcf8:9540:93a1
- 2a00:1450:4001:810::200e
- 2a00:1450:4001:828::2008
- 2a02:26f0:3500:587::1e80
- 2a06:98c1:3120::3